On Mon, Aug 3, 2015 at 4:30 PM, Serge Hallyn <[email protected]> wrote:
> Quoting Christoph Mathys ([email protected]):
>> On Wed, Jul 29, 2015 at 4:14 AM, Serge Hallyn <[email protected]>
>> wrote:
>> > The host should be protected from udevadm trigger by your container
>> > being under an apparmor profile and/or readonly sys.
>>
>> But if udevadm trigger is executed on the host for some reason, this
>> will still break all containers that use lxc.autodev = 1? A quick test
>
> Ah that's not what I thought you were saying. That doesn't happen on
> my systems, and I can't recall offhand why. I'll have to play with it.

Hi Serge, thanks for taking the time! I've stated that I have the problem inside the container, and your hint about readonly sysfs inside the container is of course correct. But my containers also go nuts if the udevadm trigger is executed on the host directly, so making the containers safe only "masks" the problem.

> So you're saying you have lvm backed containers, not running udev,
> and when you run udevadm trigger on the host your containers die?

No, the container is not on lvm, it's a simple ext4 partition. They do run udev (it's a standard Ubuntu precise), and the only thing halfway special is that my "/dev/"-directory is on a tmpfs (by means of the flag lxc.autodev in the container's config). The containers do not die, but it seems like devfs inside the container gets at least partly fucked up (I can no longer get a pty inside the container). I'll try to reproduce it tomorrow and provide a small script.

Christoph
